In this blog post, Dhiren Sehgal, who is currently pursuing a Diploma in Entrepreneurship Administration and Business Laws from NUJS, Kolkata, explains how cyber-crime cells work in India. He also goes on to discuss the powers and functions of such cyber-crime cells.
Cyber-crime cells are the one track solution towards combatting and tackling cyber-crime. Now an act of cyber-crime is a punishable criminal act which may include acts of online stalking, online banking or credit card scams, hacking and proliferating software viruses. These cyber crime cells are the brainchild of the criminal investigation departments of cities in India and have been opened under these departments only to handle the issue of Internet related criminal activity. This computer and internet based crimes are governed under the Information Technology Act, 2000 and the Act further penalizes such acts.
We can arrange cyber-crime activities in two different categories:
The Computer as a target: utilizing a PC to assault different PCs. For example, Hacking, Virus/Worm assaults, DOS assault and so forth.
The PC as a weapon: utilizing a PC to perpetrate and commit actual and real world criminal activities. For example, Digital Terrorism, IPR infringement, credit card scams, EFT cheats, pornography and so on.
According to The Information Technology Act of India, when a cyber crime has been carried out, it has a worldwide purview and jurisdiction. Furthermore, a complaint or a grievance can be recorded at any cyber-crime cell in any of the cities. A person may need to give a name, street address and a phone number alongside an application letter headed to the respective person heading the cyber-crime cell when recording a complaint with the cyber-crime cell. A person must give specific documentation with a specific end goal to enroll a complaint with cyber-crime cell. List of records change with the kind of cyber-crime activity and differs from crime to crime basis.
In the event of hacking, the accompanying data ought to be given:
- Logs recorded in the server to look for evidence.
- A duplicate of the hacked site page in a soft copy format and in addition printed version format, if casualty’s site is destroyed. If information and data are lost or traded off on the casualty’s server or PC or another system network, then a soft copy of the original information and a soft copy of the lost information.
- Subtle details and information regarding access and control of the component hacked i.e. who had access to the PC or email of the casualty?
- List of suspects if the casualty is having any suspicion on anybody.
- All applicable and relevant data prompting the responses after inquiries leading to the following questions:
- What is lost or compromised?
- Who may have hacked the framework?
- At the point when was the framework hacked?
- Why may have been the framework or system hacked?
- Where is the effect or impact of the assault distinguishing the targeted framework from the network?
- What number of frameworks have been lost by the assault?
- If there should be an occurrence of email misuse, obscene email, and so forth the accompanying data ought to be given: The augmented headers of culpable email and the culpable email.
To combat cyber crimes, the CBI has in place the following special units and structures:
(i) Cyber Crimes Research and Development Unit (CCRDU); (ii) Cyber Crime Investigation Cell (CCIC); (iii) Cyber Forensics Laboratory; and (iv) Network Monitoring Centre.
The CCIC which was established in September 1999 is an integral part of the economic offenses division, the cell enjoys its jurisdiction all over the country and has investigative powers for criminal offenses under the information technology act, 2000.
After the preliminary complaint filing, the investigation by the cell begins with search and seizure of digital evidence, which refers to an intangible form of data in the virtual world. The investigating officer has to look for a place where lies a suspicion that the computer or networks of different computers are likely to be found, and the help of computer forensic scientists may be required in such operations.
The advice of technical experts should be relied on and availed wherever necessary. The investigating officer needs to survey the equipment and needs to take precautionary steps before dismantling the system or the network so that no important data is lost. The next step is labeling and picturing the entire network site before the dismantling begins. Each and every part of the network system needs to be labeled correctly so that the reassembly is accurately done.
Also, in case a computer system is down, try not to turn it back on as it might lead to the eradication of the entire data in the system, likewise if a system is up and running then it shouldn’t be turned off before consulting or checking. Once everything is labeled and powered down, then the dismantling can be started, and a proper procedure should be taken while dismantling the system. Along with dismantling, all the documents related to the system or the working of the system should be seized as well as the manuals seized might be referred by the examiners at the forensic lab.
The Information Technology Act, 2000 provides any police officer who isn’t below the rank of deputy superintendent of police to investigate any offense under this Act. Also, according to the provisions of the Act, the central government shall appoint an officer, not below the rank of a Director to the Government of India or an equivalent officer of a state government to adjudicate and inquire the matter. Also, any police officer not below the rank of a deputy superintendent shall have the powers to enter and search.